Running scripts on remote Pi's

dp2811 · October 15, 2018, 8:41pm

I am trying to run a script on a remote raspberry pi but have become a bit stuck. I have all rsa stuff in the same folder as the config on the home assistant host. I dont seem to be getting any log at all, its like i’ve got the path wrong, which i potentially have.
I have pasted the code below, I would be greatful for some help on this as I am quite stuck (I’m still a newbie to this)

  radio_office:
    command_on: ssh -F /home/dan/.homeassistant/ssh_config -i /id_rsa [email protected] '/home/pi/Radio.sh' 2> /home/dan/.homeassistant/command.log
    friendly_name: Office Radio

Thanks in advance

allan · October 15, 2018, 9:38pm

You might want to give a bit of background to your setup. For example is are you using Hassio, Hassbian, Raspbian self installed… etc. The answers could be quite different for each type of setup.

nickrout · October 16, 2018, 12:44am

What happens when you run this line from the commandline, as the user running HA?

gpbenton · October 16, 2018, 3:53am

In addition to the above two questions, I would also point out that ssh is very particular about the permissions on its rsa files. I seem to remember it refuses to connect if the private key file allows other users to read it.

If it is possible in your configuration, I suggest generating a ssh key specifically for the user that is running HA.

dp2811 · October 16, 2018, 5:11am

Thanks for the responses all.

I think I’m running on a VM’d machine running Ubuntu which I assume is HASSIO?

When I run this command as any user i get permission denied which I assume is why it is not working.

The keys have all been generated by the home assistant user on my install.

Thanks again

allan · October 16, 2018, 5:30am

I just noticed, is your key really in / (as in the root directory of the filesystem)?

Additionally as @gpbenton mentioned… SSH is very particular about permissions on the keys.

They should be owned by the user that HA is running under when you do an ls -l permission should look like

-rw------- 1 ha_user ha_user_group

if they dont chmod 600 id_rsa should set the perms & chown ha_user:ha_user_group id_rsa should change the owner (obviously replacing ha_user and ha_user_group with the correct ones for your system.

Also I’m looking at the paths you have defined and they dont look like Hassio paths. How did you do your install?

I’m wondering if you might need to add the locations to the whitelist too perhaps

Bottom option

dp2811 · October 16, 2018, 6:04am

I do get -rw------- 1 ha_user ha_user_group when i run ls-l. I had a couple of issues installing in the first place so looked at a couple of forums so maybe something got put in the wrong place?

I have tried the whitelist but this doesn’t seem to make a difference.

Thanks

allan · October 16, 2018, 6:28am

is your id_rsa really located at /id_rsa ?
if you switch to the ha user using su - ha_user can you read the files with

cat /id_rsa
cat /home/dan/.homeassistant/ssh_config

If you try to run your ssh command as this use does it work or give you an error?

nickrout · October 16, 2018, 6:32am

For testing, ssh can be run with -v for verbose output. And you can increase verbosity with more v’s, so

ssh -vvvv (other options)

will give heaps of debugging info.

dp2811 · October 16, 2018, 7:24am

Allan, i think that’s part of the problem. I have changed the path so it is now /home/dan/.homeassistant/id_rsa

I can run the ssh -F /home/dan/.homeassistant/ssh_config -i /home/homeassistant/.ssh/id_rsa [email protected] '/home/pi/Radio.sh' as both my user and the HA user. I can now also run this through HA so thank you all very much for your help!